
MBAM crashes, NOD updates not working, ESET pages...

Posted: 13 Aug 2010 09:26
by iwi007
I am pasting the ComboFix log.

ComboFix 10-08-12.03 - Vlastnik 13.08.2010 10:15:37.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1014.701 [GMT 2:00]
Spuštěný z: c:\documents and settings\Vlastnik\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((( Soubory vytvořené od 2010-07-13 do 2010-08-13 )))))))))))))))))))))))))))))))
.

2010-08-13 07:08 . 2010-08-13 07:07 423656 ----a-w- c:\windows\system32\deployJava1.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-13 08:08 . 2009-01-20 12:31 -------- d-----w- c:\program files\CalCost
2010-08-13 07:44 . 2010-01-25 13:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-13 07:08 . 2007-04-24 05:23 -------- d-----w- c:\program files\Common Files\Java
2010-08-13 07:07 . 2007-04-24 05:23 -------- d-----w- c:\program files\Java
2010-08-11 12:20 . 2007-04-24 05:22 -------- d-----w- c:\program files\Nazev produktu
.

((((((((((((((((((((((((((((( SnapShot@2010-01-25_13.51.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-08-13 08:14 . 2010-08-13 08:14 16384 c:\windows\temp\Perflib_Perfdata_7bc.dat
+ 2005-05-26 02:16 . 2009-08-06 17:24 44768 c:\windows\system32\wups2.dll
+ 2006-08-24 16:12 . 2009-08-06 17:24 35552 c:\windows\system32\wups.dll
+ 2006-08-24 16:12 . 2009-08-06 17:24 53472 c:\windows\system32\wuauclt.exe
+ 2010-08-13 07:53 . 2009-08-06 17:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2010-08-13 07:53 . 2009-08-06 17:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
- 2004-08-18 12:00 . 2009-10-26 06:01 64314 c:\windows\system32\perfc009.dat
+ 2004-08-18 12:00 . 2010-03-29 04:58 64314 c:\windows\system32\perfc009.dat
- 2004-08-18 12:00 . 2009-10-26 06:01 76156 c:\windows\system32\perfc005.dat
+ 2004-08-18 12:00 . 2010-03-29 04:58 76156 c:\windows\system32\perfc005.dat
- 2010-01-25 13:42 . 2010-01-07 15:07 38224 c:\windows\system32\drivers\mbamswissarmy.sys
+ 2010-01-25 13:42 . 2010-04-29 13:39 38224 c:\windows\system32\drivers\mbamswissarmy.sys
+ 2010-01-25 13:42 . 2010-04-29 13:39 20952 c:\windows\system32\drivers\mbam.sys
+ 2009-09-29 11:05 . 2009-09-29 11:05 96408 c:\windows\system32\drivers\epfwtdir.sys
- 2009-11-16 08:06 . 2009-11-16 08:06 96408 c:\windows\system32\drivers\epfwtdir.sys
+ 2006-08-24 16:12 . 2009-08-06 17:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2006-08-24 16:12 . 2009-08-06 17:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2004-08-18 12:00 . 2009-08-06 17:24 96480 c:\windows\system32\dllcache\cdm.dll
+ 2004-08-18 12:00 . 2009-08-06 17:24 96480 c:\windows\system32\cdm.dll
+ 2009-08-06 18:24 . 2009-08-06 18:24 44768 c:\windows\SoftwareDistribution\WebSetup\wups2.dll
+ 2009-08-06 18:24 . 2009-08-06 18:24 35552 c:\windows\SoftwareDistribution\WebSetup\wups.dll
+ 2009-08-06 18:24 . 2009-08-06 18:24 53472 c:\windows\SoftwareDistribution\WebSetup\wuauclt.exe
+ 2009-08-06 18:24 . 2009-08-06 18:24 96480 c:\windows\SoftwareDistribution\WebSetup\cdm.dll
+ 2006-10-24 07:06 . 2010-04-28 07:19 25214 c:\windows\Installer\{AC76BA86-7AD7-1029-7B44-A70500000002}\SC_Reader.exe
- 2006-10-24 07:06 . 2006-10-24 07:06 25214 c:\windows\Installer\{AC76BA86-7AD7-1029-7B44-A70500000002}\SC_Reader.exe
+ 2010-08-13 07:53 . 2010-08-13 07:53 10134 c:\windows\Installer\{AB47445C-8CA6-4A84-8A1B-42361B78BA4D}\callmsi.exe
+ 2006-08-24 16:12 . 2009-08-06 18:23 209624 c:\windows\system32\wuweb.dll
+ 2006-08-24 16:12 . 2009-08-06 17:24 327896 c:\windows\system32\wucltui.dll
+ 2006-08-24 16:12 . 2009-08-06 17:23 575704 c:\windows\system32\wuapi.dll
+ 2004-08-18 12:00 . 2010-03-29 04:58 408792 c:\windows\system32\perfh009.dat
- 2004-08-18 12:00 . 2009-10-26 06:01 408792 c:\windows\system32\perfh009.dat
- 2004-08-18 12:00 . 2009-10-26 06:01 406354 c:\windows\system32\perfh005.dat
+ 2004-08-18 12:00 . 2010-03-29 04:58 406354 c:\windows\system32\perfh005.dat
+ 2010-08-13 07:08 . 2010-08-13 07:08 153376 c:\windows\system32\javaws.exe
+ 2010-08-13 07:08 . 2010-08-13 07:08 145184 c:\windows\system32\javaw.exe
+ 2010-08-13 07:08 . 2010-08-13 07:08 145184 c:\windows\system32\java.exe
+ 2009-09-29 11:02 . 2009-09-29 11:02 108792 c:\windows\system32\drivers\ehdrv.sys
- 2009-11-16 08:03 . 2009-11-16 08:03 108792 c:\windows\system32\drivers\ehdrv.sys
+ 2009-09-29 10:56 . 2009-09-29 10:56 116008 c:\windows\system32\drivers\eamon.sys
+ 2006-08-24 16:12 . 2009-08-06 18:23 209624 c:\windows\system32\dllcache\wuweb.dll
+ 2006-08-24 16:12 . 2009-08-06 17:24 327896 c:\windows\system32\dllcache\wucltui.dll
+ 2006-08-24 16:12 . 2009-08-06 17:23 575704 c:\windows\system32\dllcache\wuapi.dll
+ 2009-08-06 18:24 . 2009-08-06 18:24 327896 c:\windows\SoftwareDistribution\WebSetup\wucltui.dll
+ 2009-08-06 18:23 . 2009-08-06 18:23 575704 c:\windows\SoftwareDistribution\WebSetup\wuapi.dll
+ 2010-08-13 07:09 . 2010-08-13 07:09 180224 c:\windows\Installer\6f09e3.msi
+ 2010-08-13 07:07 . 2010-08-13 07:07 676352 c:\windows\Installer\6f09de.msi
+ 2010-08-13 07:53 . 2010-08-13 07:53 101480 c:\windows\Installer\{AB47445C-8CA6-4A84-8A1B-42361B78BA4D}\egui.exe
+ 2006-08-24 16:12 . 2009-08-06 17:23 1929952 c:\windows\system32\wuaueng.dll
+ 2006-08-24 16:12 . 2009-08-06 17:23 1929952 c:\windows\system32\dllcache\wuaueng.dll
+ 2009-08-06 18:23 . 2009-08-06 18:23 1929952 c:\windows\SoftwareDistribution\WebSetup\wuaueng.dll
+ 2010-08-13 07:53 . 2010-08-13 07:53 1138176 c:\windows\Installer\15b6c.msi
+ 2006-09-17 19:46 . 2010-01-04 15:17 29634504 c:\windows\system32\MRT.exe
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-29 2054360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]

c:\documents and settings\Vlastnik\Nabídka Start\Programy\Po spuštění\
CalCost.lnk - c:\program files\CalCost\CalCost.exe [2008-9-9 1941504]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]
APC UPS Status.lnk - c:\program files\APC\APC PowerChute Personal Edition\Display.exe [2006-9-17 221247]
hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-4-9 147456]
hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-9 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29.9.2009 13:02 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [29.9.2009 13:05 96408]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [29.9.2009 13:03 735960]
.
Obsah adresáře 'Naplánované úlohy'

2010-08-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-08-05 c:\windows\Tasks\FRU Task 2003-04-10 00:56ewlett-Packard2003-04-10 00:56p psc 1100 series272A572217594EBCF1CEE215E352B92AD073FDE4158512021.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-09 15:56]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {8550874F-EB8E-48C2-ADD2-ADB1286C0F01} = 10.0.0.138
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-13 10:22
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2010-08-13 10:24:53
ComboFix-quarantined-files.txt 2010-08-13 08:24
ComboFix2.txt 2010-08-13 07:42
ComboFix3.txt 2010-01-25 13:52

Před spuštěním: Volných bajtů: 128 060 518 400
Po spuštění: Volných bajtů: 128 068 145 152

- - End Of File - - 48E78BBBB5FD34311F1151F1892D425D

Re: MBAM crashes, NOD updates not working, ESET pages...

Posted: 13 Aug 2010 17:20
by Rudy
I don't see anything dangerous; one item was deleted. If nothing has changed, run an IceSword scan and post the Process and KernelModule logs: http://www.viry.cz/forum/viewtopic.php?f=29&t=11394 .